By Anurag Kahol, CTO and co-founder, Bitglass
Cloud adoption has already been growing rapidly, but we’ll see a sharp increase in adoption in 2020 as a result of the global pandemic.
Recent events have impacted businesses and schools all around the world, causing them to shift to remote work wherever possible. Cloud adoption gives employees and students the freedom to operate from the safety of their homes by granting remote access to needed data and services. However, even before the outbreak, cloud adoption was outpacing the adoption of the tools needed to properly protect data in cloud environments. In 2019, 86% of organizations deployed cloud-based tools, but a mere 34% made use of single sign-on (SSO), a basic but critical capability for authenticating users and securing access to corporate cloud environments. This statistic suggests deeper underlying cloud security issues within organizations and indicates that data breaches will continue to arise around the world.
The shift to widespread remote work also increases the likelihood of insider threats.
Verizon’s 2019 Data Breach Investigation Report found that approximately 34% of breaches involved internal actors. Additionally, a recent survey conducted on IT professionals about insider threats revealed that only half of the organizations provide user training regarding insider threats. While protecting data from malicious external actors is typically top of mind for most organizations, the fact remains that they must also defend against employees–whether they are malicious or merely careless.
Phishing attacks are not a groundbreaking threat, and general employee awareness of these schemes has grown in recent years; however, hackers still find success with this tactic by taking advantage of major news. In fact, the United Nations’ health agency released an alert warning of an increased number of cybercriminals posing as World Health Organization (WHO) representatives amid the current pandemic. During this stressful time, recipients of these messages are more likely to click on malicious URLs, open attachments, and give up personal data. Because of this, insider threats will spike and be a leading cause of data breaches in 2020.
Businesses will implement changes to ensure BYOD devices are secure.
A majority of organizations (85%) were already somewhat prepared for remote work by enabling bring your own device (BYOD) policies. On the flipside, not all companies that have adopted BYOD are doing so securely. For example, 43% of businesses do not know if the devices employees are using to access corporate data are infected with malware–demonstrating a disturbing lack of visibility. By the end of 2020, we will likely see even higher BYOD adoption rates–whether out of necessity for enabling remote work, or simply for BYOD’s many benefits, including enhanced mobility, efficiency, and employee satisfaction.
Regardless, when companies enable BYOD, they must also implement agentless security measures that can protect corporate data on personal devices. With agentless tools, IT gains security and compliance without invading user privacy through agents on employees’ personal endpoints. As organizations increasingly realize that cybersecurity must be a top priority, we predict that the use of agentless security solutions will rise alongside that of BYOD.
About the Author
Anurag is the CTO and co-founder of Bitglass where he expedites the company’s technology direction and architecture. Anurag was director of engineering in Juniper Networks’ Security Business Unit before co-founding Bitglass. Anurag received a global education, earning an M.S. in computer science from Colorado State University, and a B.S. in computer science from the Motilal Nehru National Institute Of Technology.